Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/ZjLFFKUrRCKd4XULztCml-kxzbE.roa
File: ZjLFFKUrRCKd4XULztCml-kxzbE.roa (raw, json)
Hash identifier: iLiOX/8iUGUzvsk0xs7hyAAeHKz87l4PT0WROfpJjaE=
Subject key identifier: 66:32:C5:14:A5:2B:44:22:9D:E1:75:0B:CE:D0:A6:97:E9:31:CD:B1
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 018CCCED6288B835C327286311BC9E2E95B1
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/ZjLFFKUrRCKd4XULztCml-kxzbE.roa
Signing time: Wed 03 Jan 2024 01:25:58 +0000
ROA not before: Wed 03 Jan 2024 01:25:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56913
IP address blocks: 89.187.5.0/24 maxlen: 24
89.187.11.0/24 maxlen: 24
89.187.28.0/24 maxlen: 24
89.187.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 01:49:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cc:ed:62:88:b8:35:c3:27:28:63:11:bc:9e:2e:95:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jan 3 01:25:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6632c514a52b44229de1750bced0a697e931cdb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a2:59:14:f4:18:8e:1e:41:28:45:2b:32:84:
34:50:4c:50:c8:cc:82:a0:81:13:4c:f3:45:08:ba:
56:aa:1c:fc:a2:2e:ef:dd:0f:94:4e:b0:4c:d5:45:
c6:50:8a:ca:8d:87:0e:c7:b0:94:6c:08:ad:2b:47:
26:ff:f7:0a:00:07:0c:69:e4:a6:eb:50:8c:31:0d:
e4:88:ef:60:54:30:91:14:64:b9:bf:3b:1e:79:a0:
a6:9b:38:75:72:36:5f:41:8c:21:03:6b:39:a3:26:
ed:48:e7:f2:11:3d:b3:89:a5:91:d0:09:6e:3c:b0:
b3:af:6c:71:52:54:ba:c7:12:02:4d:2b:4f:39:cd:
33:ff:72:05:8a:66:ac:c5:dc:e3:41:a5:b4:5a:92:
fc:0e:29:13:e7:02:d3:28:1f:5f:ab:fb:f2:5e:6e:
92:ee:69:f4:9d:c6:8c:17:11:7d:fa:25:67:f4:33:
4a:1b:44:89:fd:f3:44:5e:35:59:d6:a0:11:df:e0:
1c:db:39:9c:f5:06:bd:6e:98:02:eb:64:82:ec:88:
d7:b4:de:02:a3:b3:63:46:f3:f5:5a:14:be:ce:e6:
b9:16:2f:c6:db:f7:c9:83:85:57:61:f1:8a:74:ff:
92:f0:58:15:52:e3:50:65:8d:76:93:b5:2c:19:78:
bc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:32:C5:14:A5:2B:44:22:9D:E1:75:0B:CE:D0:A6:97:E9:31:CD:B1
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/ZjLFFKUrRCKd4XULztCml-kxzbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.5.0/24
89.187.11.0/24
89.187.28.0/24
89.187.30.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:16:f0:19:41:1b:ca:51:67:fd:f6:3b:5e:c6:d1:60:2c:8b:
05:83:ac:b4:29:f4:34:a8:64:7a:76:be:56:91:8e:02:38:33:
af:ee:8c:c2:65:3d:d6:8f:e6:32:4f:8d:0d:6b:05:8b:a0:b8:
3d:84:4d:1c:a3:28:96:a7:22:59:af:a2:a2:29:c2:7c:75:e0:
c0:90:62:a5:4e:1f:3e:11:0e:97:9c:63:df:e3:fb:f2:19:f7:
ae:0a:f8:4b:ca:52:dc:14:46:0f:d7:4b:46:92:78:3a:11:66:
c2:08:bd:bf:62:5b:7a:c9:31:d3:3d:7f:42:76:1e:71:5e:cb:
7b:0d:13:44:73:84:6e:40:3e:0a:f1:1b:32:30:f2:49:57:c9:
fc:b3:25:5d:6d:89:72:9b:9d:51:61:74:9d:50:7a:12:3f:a0:
84:88:09:1c:5c:00:8b:4c:6a:12:8d:24:e0:15:07:47:76:6f:
4e:78:38:b3:f4:d5:15:6c:3b:d6:da:bf:05:40:59:2b:cc:79:
63:1c:ee:c4:d5:a5:ab:79:6c:a9:e9:58:53:15:d4:49:8b:4d:
f7:0e:39:88:80:8d:a8:f3:a8:c0:4d:39:8e:ba:7a:e0:a6:c7:
68:02:20:e2:c7:36:ea:7f:81:8c:1e:03:b9:a4:47:61:f8:13:
0a:50:03:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzM7WKIuDXDJyhjEbyeLpWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwMTAzMDEyNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjMyYzUxNGE1MmI0NDIyOWRlMTc1MGJjZWQwYTY5N2U5MzFjZGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaJZFPQYjh5BKEUrMoQ0UExQyMyC
oIETTPNFCLpWqhz8oi7v3Q+UTrBM1UXGUIrKjYcOx7CUbAitK0cm//cKAAcMaeSm
61CMMQ3kiO9gVDCRFGS5vzseeaCmmzh1cjZfQYwhA2s5oybtSOfyET2ziaWR0Alu
PLCzr2xxUlS6xxICTStPOc0z/3IFimasxdzjQaW0WpL8DikT5wLTKB9fq/vyXm6S
7mn0ncaMFxF9+iVn9DNKG0SJ/fNEXjVZ1qAR3+Ac2zmc9Qa9bpgC62SC7IjXtN4C
o7NjRvP1WhS+zua5Fi/G2/fJg4VXYfGKdP+S8FgVUuNQZY12k7UsGXi8RwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGYyxRSlK0QineF1C87QppfpMc2xMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvWmpMRkZLVXJSQ0tkNFhVTHp0Q21sLWt4emJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWbsFAwQA
WbsLAwQAWbscAwQAWbseMA0GCSqGSIb3DQEBCwUAA4IBAQAfFvAZQRvKUWf99jte
xtFgLIsFg6y0KfQ0qGR6dr5WkY4CODOv7ozCZT3Wj+YyT40NawWLoLg9hE0coyiW
pyJZr6KiKcJ8deDAkGKlTh8+EQ6XnGPf4/vyGfeuCvhLylLcFEYP10tGkng6EWbC
CL2/Ylt6yTHTPX9Cdh5xXst7DRNEc4RuQD4K8RsyMPJJV8n8syVdbYlym51RYXSd
UHoSP6CEiAkcXACLTGoSjSTgFQdHdm9OeDiz9NUVbDvW2r8FQFkrzHljHO7E1aWr
eWyp6VhTFdRJi033DjmIgI2o86jATTmOunrgpsdoAiDixzbqf4GMHgO5pEdh+BMK
UAOg
-----END CERTIFICATE-----
Generated at Wed Jan 24 03:09:41 2024 by rpki-client on console-ams.rpki-client.org